Click here to visit Original posting
Manager at this software vendor insists on having admin rights to every system, and she likes to set passwords that consist of the name of the company's flagship product, reports a pilot fish working there.
"She would use ourproductname1 -- or ourproductname1! if that didn't satisfy complexity requirements -- for production systems," fish says. "Sending her a copy of our organization's security requirements didn't seem to help.
"Thankfully, as our product matured, more and more of the older systems came offline and were replaced by me with newer systems and secure passwords.
"One fine morning I received a barrage of alerts that our SaaS product was down. Looking through the logs, I saw a multitude of authentication errors from attempted database connections.